Overview

overview

10

Static

static

3

ff8cca22c4...18.dll

windows7-x64

10

ff8cca22c4...18.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ff8cca22c4705dd29bc58fa036fb992c_JaffaCakes118

  • Size

    5.0MB

  • Sample

    240930-aft7ms1flh

  • MD5

    ff8cca22c4705dd29bc58fa036fb992c

  • SHA1

    bfbb78abb21d20d48d6612287f5d7aeccdf3bce2

  • SHA256

    207311091a37e677abb33085d8c1f2058a87b9b62c2a8f0559a170c8e3cabd67

  • SHA512

    a101647f904f196468c23b216fc80c9b859b09c6e2927f6883eb470e3330689179b599b7c9a2e3201d70f988f52b554e03fe4977befdda7cced4ec08f826d015

  • SSDEEP

    98304:TDqPoBhz1aRxcSUDk36SAmxWa9P5qAVp2B:TDqPe1Cxcxk3ZA5adYc4B

Score
10/10
wannacrydiscoveryransomwareworm

Malware Config

Targets

    • Target

      ff8cca22c4705dd29bc58fa036fb992c_JaffaCakes118

    • Size

      5.0MB

    • MD5

      ff8cca22c4705dd29bc58fa036fb992c

    • SHA1

      bfbb78abb21d20d48d6612287f5d7aeccdf3bce2

    • SHA256

      207311091a37e677abb33085d8c1f2058a87b9b62c2a8f0559a170c8e3cabd67

    • SHA512

      a101647f904f196468c23b216fc80c9b859b09c6e2927f6883eb470e3330689179b599b7c9a2e3201d70f988f52b554e03fe4977befdda7cced4ec08f826d015

    • SSDEEP

      98304:TDqPoBhz1aRxcSUDk36SAmxWa9P5qAVp2B:TDqPe1Cxcxk3ZA5adYc4B

    Score
    10/10
    wannacrydiscoveryransomwareworm

    • Wannacry

      WannaCry is a ransomware cryptoworm.

      ransomwarewormwannacry

    • Contacts a large (3122) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Executes dropped EXE

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks